Applies To:
Show VersionsBIG-IP APM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0
Clients for Linux
About Linux
clients
About browser-based connections from Linux, Mac, and Windows clients
Requirements for client installation and use on Linux
Requirement |
Specification |
---|---|
Browser |
Use Firefox for installing the client component. The browser must
support the installation of plugins. |
Firewall settings |
If you have a firewall enabled on your Linux system, you must enable access on IP
address 127.0.0.1, port 44444 . |
PPP |
The system must support PPP. (This is usually the case.) The user must have
permission to run the PPP daemon. |
Installation privilege |
The remote user must have superuser authority, or, must be able to supply an
administrative password to successfully install the Network Access client. |
About Network Access
features for Linux clients
Specifying applications to start on a Linux client
- On the Main tab, click.The Network Access Lists screen opens.
- In the Name column, click the name of the network access resource you want to edit.
- To configure applications to start for clients that establish a Network Access connection with this resource, clickLaunch Applicationson the menu bar.
- ClickAddto add an application list.A screen opens showing the Add Application To Launch area.
- In theApplication Pathfield type an application to launch.For example, type/usr/bin/mozillato start Mozilla.
- In theParametersfield, type a parameter.For example, typehttp://www.f5.com.
- From theOperating Systemlist, selectUnix.
- ClickFinishedto add the configuration.
Overview: Installing and using the CLI for Linux
Downloading the Linux command line client
- On the Main tab, click.A list of available client downloads displays.
- Click the requiredCommand Line Client for Linuxrpm/debfile to download.Therpm/debfile is downloaded to your local directory.
Importing a certificate to the local trust store
- Using operating system commands, place the certificate in any folder in the operating system.For example,/etc/certs.
- Change the directory.For example,cd /etc/certs.
- Type the commandc_rehash ./.
Linux client commands
- f5fpc --start [arguments]
- f5fpc -s [arguments]
Arguments |
Description |
---|---|
|
Returns the command line interface immediately after the command. |
|
The host name to which the client starts the VPN connection. This is required.
|
|
The optional user name for the connection. |
|
The optional password for the connection. |
|
The optional hex-encoded user name for the connection. |
|
The optional hex-encoded password for the connection. |
|
Specifies an optional client certificate. |
|
Specifies the key for an optional client certificate. |
|
Specifies the password for an optional SSL certificate. |
|
Specifies a certificate from a trusted certificate authority (CA). If
--cacert or --cacertdir is specified, then the
server certificate validates for trust against the specified certificate or directory.
If --cacert or --cacertdir is not specified, then
the default location /etc/ssl/certs is checked to verify trust.
The --nocheck option can be specified if a server certificate check
is not desired, though this is not recommended. |
|
Specifies a certificate directory that contains a certificate from a trusted CA.
If --cacert or --cacertdir is specified, then the
server certificate validates for trust against the specified certificate or directory.
If --cacert or --cacertdir is not specified, then
the default location /etc/ssl/certs is checked to verify trust.
The --nocheck option can be specified if a server certificate check
is not desired, though this is not recommended. |
|
Specifies that the trusted CA certiicate is not verified for trust at all. If
--cacert or --cacertdir is specified, then the
server certificate validates for trust against the specified certificate or directory.
If --cacert or --cacertdir is not specified, then
the default location /etc/ssl/certs is checked to verify trust.
The --nocheck option can be specified if a server certificate check
is not desired, though this is not recommended. |
- f5fpc --stop
- f5fpc --o
- f5fpc --info
- f5fpc --i
- f5fpc --help
- f5fpc --h
Info command status and error codes
Error code/command status |
Hex value |
Shell value |
Description |
---|---|---|---|
CLI_ERROR_SUCCESS |
0x0 |
0 |
The command line operation was successful. |
CLI_ERROR_USERS_DISCONNECT |
0x150 |
80 |
The user was disconnected |
CLI_ERROR_LOGON_FAILURE |
0x151 |
81 |
Login failed due to incorrect authenticaion information or login errors. |
CLI_ERROR_ATTENTION_REQUIRED |
0x154 |
84 |
The user's attention is required. |
CLI_ERROR_GENERIC_FAILURE |
0x155 |
85 |
An error occurred in the system API. |
CLI_ERROR_UNKNOWN_PARAMETER |
0x156 |
86 |
An incorrect or unknown parameter was passed to the command line. |
CLI_ERROR_WRONG_VALUE |
0x157 |
87 |
This is an undefined error. |
CLI_ERROR_UNKNOWN_SESSION_ID |
0x158 |
88 |
An unknown session ID was encountered. The user should reconnect to the
server. |
CLI_ERROR_NO_PROFILE |
0x15B |
91 |
No such profile exists. |
CLI_ERROR_MSGQ_OPEN_FAILURE |
0x15D |
93 |
The system failed to open the message queue. |
CLI_ERROR_OPERATION_IN_PROGRESS |
0x15F |
95 |
An operation is in progress, please retry. |
kss_Initialized |
1 |
1 |
The session is initialized. |
kss_LogonInProgress |
2 |
2 |
The user login is in progress. |
kss_Idle |
3 |
3 |
The session is idle. |
kss_Established |
5 |
5 |
The session is established. |
kss_AttentionReq |
6 |
6 |
The session requires the user's attention. |
kss_LogonDenied |
7 |
7 |
Login was denied. |
kss_LoggedOut |
8 |
8 |
The user is logged out of the server. |
Editing the log level for Edge Client on Linux
- In the/usr/local/lib/F5Networksdirectory, open thef5networks.conffile.
- Edit the settings to change the log level.By default, the values are 0 (zero). For debugging purposes, set the values to 5.
VPN component installation and log locations on Linux
Category |
Location |
---|---|
VPN component |
/usr/local/lib/F5Networks |
VPN logs |
~/.F5Networks |